> while i'm sure your rule will work, opening up >15,000 ports
> to make ftp function is not the correct way to go about this
> issue. instead, install and configure an ftpd which allows
> you to specify the ports which are advertised by the server
> to the client. wuftpd and proftpd both do this very nicely.
> you should specify the smallest range possible, and ensure
> that no other applications are already bound to those ports.
> even a hundred ports will accommodate a large number of ftp
> users...
Yes, but the original correspondent only indicated that he was using FreeBSD 4.7, and according to the FreeBSD man page for 'ftpd', the port range for passive connections is "hard-wired". A number of FTP servers these days support finer control over that port range, and I'd favor 'vsftpd' or 'pure-ftpd' over 'wuftpd' and 'proftpd'. The latter have suffered too many security problems over the years to inspire much confidence in me.

David S.
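
The advice in this thread (a small advertised passive range, with nothing else bound to it) can be checked before the firewall is opened. The following is an added example, not code from either poster: it probes a candidate range for ports that are already bound and, if the range is clean, returns the matching `vsftpd.conf` settings (`pasv_min_port` and `pasv_max_port` are vsftpd's own options). The function names and the 50000-50099 range are assumptions chosen for illustration.

```python
import errno
import socket


def ports_in_use(first, last, host="0.0.0.0"):
    """Return the ports in [first, last] that are already bound on host."""
    if not (1024 <= first <= last <= 65535):
        raise ValueError("passive range must lie within 1024-65535")
    busy = []
    for port in range(first, last + 1):
        probe = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        try:
            # SO_REUSEADDR is deliberately not set, so the bind fails
            # whenever another socket already holds the port.
            probe.bind((host, port))
        except OSError as exc:
            if exc.errno != errno.EADDRINUSE:
                raise
            busy.append(port)
        finally:
            probe.close()
    return busy


def passive_range_config(first, last, host="0.0.0.0"):
    """Return vsftpd.conf lines for the range; refuse a range that collides."""
    busy = ports_in_use(first, last, host)
    if busy:
        raise RuntimeError(f"ports already bound: {busy}")
    return [
        "pasv_enable=YES",
        f"pasv_min_port={first}",
        f"pasv_max_port={last}",
    ]


if __name__ == "__main__":
    # Constructed sample range of 100 ports; choose one that suits the host.
    for line in passive_range_config(50000, 50099):
        print(line)
```

The firewall then needs to admit inbound TCP only to the same range, in addition to the control port, rather than to every unprivileged port.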
